On Fri, May 01, 2020 at 08:28:59AM +0200, Fabian Arrotin wrote:
On 01/05/2020 00:58, Derek Carter wrote:
Shouldn't `registry.centos.org/centos:latest` http://registry.centos.org/centos:latest` point to CentOS 8?
That's what https://hub.docker.com/_/centos leads me to believe.
Where is the CentOS registry managed?
That's indeed a good question as CentOS core team is pushing only to DockerHub, but the other team that was in charge of registry.centos.org is now silent for months so don't know about its actual status ....
I've reported the issue as
https://bugs.centos.org/view.php?id=16592
back in October, besides other things I've noticed about the container images. It got no response so far.
The registry.centos.org/8 image has actually been updated two months ago so someone with access to that registry is active:
$ podman pull registry.centos.org/centos:8 Trying to pull registry.centos.org/centos:8... Getting image source signatures Copying blob 7489b20503c1 [--------------------------------------] 0.0b / 0.0b Copying config 06883f3563 done Writing manifest to image destination Storing signatures 06883f356370555e47f0dc0f4fbc7141046a806be2930c250f0dc8196fa6e659 $ podman images registry.centos.org/centos:8 REPOSITORY TAG IMAGE ID CREATED SIZE registry.centos.org/centos 8 06883f356370 2 months ago 228 MB
Wouldn't it be good to either include registry.centos.org in the official processes or decomission it altogether?
What's further interesting is that
registry.centos.org/centos:7 3fe89940ae92
was updated three years ago, but it's 7.6.1810, unlike
docker.io/library/centos:7 5e35e350aded
which is five months old, but is 7.7.1908. Having old versions around can lead to people unknowingly using old software with vulnerabilities.